Roundup Here comes a summary of this week’s computer security news beyond what we’ve already covered.
Montreal youth blamed for massive phone-swapping scheme
An 18-year-old man from Canada has been accused of stealing more than $50m in cryptocurrency using SIM-swapping attacks.
SIM swapping typically involves crooks tricking cellular network support staff to transfer victims’ smartphone numbers to the criminals’ own SIMs, and then using those numbers to reset passwords, or get two-factor authentication tokens, via text messages, and ultimately access and drain cryptocoin accounts.
Prosecutors in Montreal believe Samy Bensaci specifically targeted the cell numbers of people he knew were attending a conference on cryptocurrencies, and thus were more likely to have significant amounts of cash invested.
He was charged, released on bail, and ordered to stay with his parents.
Cisco has busy patch week
Admins using Cisco gear in their networks will want to head over to Switchzilla’s security portal and check for applicable updates among the latest batch of 28 patches.
GE medical monitors found to have security flaws
Any time the US Department of Homeland Security gets involved with a bug disclosure, you should pay attention.
This time, the DHS is warning medical providers to immediately patch a serious of vulnerability in General Electric’s Carescape, ApexPro, and Clinical Information Center devices.
The bugs are exploitable over a network connection, meaning an attacker would have to be on the local network, or if for some reason the devices would need to be attached to a network that is remotely accessible. Hopefully, any network that these units are linked to is well-secured to begin with.
Either way, it would be wise to test and install the patches from GE as soon as possible.
US soldiers told to use encryption apps on deployment
American troops in the Middle East have been told to use officially-sanctioned encrypted text apps while in the field.
The Military Times says members of the 82nd Airborne Task Force Devil have been advised to lock down their text messages in order to prevent eavesdropping from the enemy.
Soldiers are being told to make use of either Signal or Wickr when sending messages over their government-issued handsets. These apps will be used in addition to VPNs for the data connections.
While the apps will provide a layer of security for the messages, the Times notes that they raise concerns over record keeping and transparency, as the apps could allow for communications to automatically be deleted.
Exploits arise for Microsoft RDP flaws
If you haven’t yet got around to installing Microsoft’s January patch release, now would be a good time to do so. Researchers have posted proof-of-concept exploits for two of the more serious flaws addressed in the release: CVE-2020-0609 and CVE-2020-0610.
Those bugs, present in the Windows RDP remote desktop software, would potentially allow an attacker to completely take over a targeted system by way of a poisoned network packet. As these are considered critical flaws, getting the patches tested and installed should be a top priority.
Uncle Sam gets poor review on data protection
The US federal government continues to struggle with it efforts to overhaul its IT security practices and policies. The State Department is the latest agency to get a bad grade on its cybersecurity audit.
Among the issues raised by the Office of the Inspector General were the department’s failure to hire two key security positions, a lack of lifecycle planning, and problems with financial reporting and identity management.
German car renter drops the details of three million people
Bad news out of Germany: one of the nation’s top car rental companies has suffered a massive data leak that includes payment card details on millions of people.
Heise reports that a whopping 10TB of data from rental biz Buchbinder were left setting out in an exposed database for several weeks.
Among the details included in the database were customer phone numbers, addresses, accident reports, emails, employee information, and in some cases payment information and bank details (but not credit card information, thankfully.)
While most of the exposed records were from Germany, there were also some details on customers in Austria, Italy, Slovakia, and Hungary.
Citrix extends patching effort for critical vulnerability
It’s the bug that just wouldn’t go away.
Days after issuing the first patches for the critical vulnerability in ADC and Gateway, Citrix has rolled out a second batch of updates for even more of its networking hardware.
This latest release extends the update to cover ADC and Citrix Gateway firmware versions 12.1 and 13.0, which were not addressed in the fixes posted earlier this week.
As the flaws are both being scanned for and exploited in the wild, admins will want to get the patches in place ASAP.
Intercept cofounder faces charges
Glenn Greenwald, one of the first journalists to report Edward Snowden’s revelations, faces criminal charges in Brazil on allegations of assisting criminal hackers. The Intercept, which Greenwald cofounded and edits, claims he is being unfairly targeted for reporting corruption in the ranks of the Brazilian government.
“The Bolsonaro government has repeatedly made it clear that it does not believe in basic press freedoms,” the publication claimed on Tuesday. “Today’s announcement that a criminal complaint has been filed against Intercept co-founding editor Glenn Greenwald is the latest example of journalists facing serious threats in Brazil.” ®
READ MORE HERE